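#######################################
# Configure and bring up an L2TP-over-IPsec client tunnel.
#
# Writes /etc/ipsec.conf, /etc/ipsec.secrets, /etc/xl2tpd/xl2tpd.conf and
# /etc/ppp/options.l2tpd.conf (any existing content is overwritten), enables
# IPv4 forwarding, starts ipsec and xl2tpd, dials the "vpn-conn" LAC and adds
# a route to REMOTE_SUBNET through ppp0.
#
# Globals (read): USERNAME, PASSWORD, LOCAL_IP, LOCAL_SUBNET, REMOTE_IP,
#                 REMOTE_SUBNET, SHARED_SECRET
# Globals (written): V_IP - IPv4 address found on ppp0
# Outputs: the generated non-secret configuration on stdout; the PSK and the
#          PPP password are never printed.
# Returns: 0 on success, 1 if a setting is missing or ppp0 has no address,
#          otherwise the status of the final `ip route add`.
#
# NOTE(review): the tunnel uses a pre-shared key with pfs=no and MS-CHAPv2
# inside it. These must match what the peer offers, so they are left as-is;
# prefer certificates and pfs=yes if the remote gateway supports them.
#######################################
function startVPN() {
  local name
  # An empty value would silently produce a broken config, or a secrets line
  # that is not bound to the intended peer, so stop before writing anything.
  for name in USERNAME PASSWORD LOCAL_IP LOCAL_SUBNET \
    REMOTE_IP REMOTE_SUBNET SHARED_SECRET; do
    if [[ -z "${!name:-}" ]]; then
      printf 'startVPN: %s is not set\n' "$name" >&2
      return 1
    fi
  done

  # ipsec.conf syntax: section headers start in column 0 and every parameter
  # line of a section must begin with whitespace.
  cat <<EOF > /etc/ipsec.conf
config setup
    nat_traversal=yes
    protostack=netkey
    oe=off
    virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
    keep_alive=60
conn CONN
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear
    rekey=yes
    ikelifetime=8h
    keylife=24h
    type=transport
    left=$LOCAL_IP
    leftsubnet=$LOCAL_SUBNET
    leftnexthop=%defaultroute
    right=$REMOTE_IP
    rightsubnet=$REMOTE_SUBNET
EOF
  cat /etc/ipsec.conf
  echo
  echo

  # The PSK file is recreated under umask 077 so it is never readable by
  # other local users, not even between creation and a later chmod.
  # A PSK containing a double quote would break the quoting of this line.
  rm -f -- /etc/ipsec.secrets
  (
    umask 077
    cat <<EOF > /etc/ipsec.secrets
%any $REMOTE_IP : PSK "$SHARED_SECRET"
EOF
  )
  # Deliberately not echoed: stdout may end up in scrollback, CI or log files.
  echo 'wrote /etc/ipsec.secrets (contents not shown)'
  echo
  echo

  # NOTE(review): "ppp debug=yes" increases pppd logging; confirm it is wanted
  # outside troubleshooting.
  cat <<EOF > /etc/xl2tpd/xl2tpd.conf
[global]
listen-addr=$LOCAL_IP
[lac vpn-conn]
lns=$REMOTE_IP
ppp debug=yes
pppoptfile=/etc/ppp/options.l2tpd.conf
length bit=yes
EOF
  cat /etc/xl2tpd/xl2tpd.conf
  echo
  echo

  # This file carries the PPP password in clear text: same handling as the
  # PSK file (owner-only permissions, password masked when displayed).
  rm -f -- /etc/ppp/options.l2tpd.conf
  (
    umask 077
    cat <<EOF > /etc/ppp/options.l2tpd.conf
ipcp-accept-local
ipcp-accept-remote
refuse-eap
refuse-chap
refuse-mschap
refuse-pap
require-mschap-v2
noccp
noauth
mtu 1200
mru 1200
nodefaultroute
name $USERNAME
password $PASSWORD
EOF
  )
  sed -e 's/^password .*/password <redacted>/' /etc/ppp/options.l2tpd.conf
  echo
  echo

  # Route between interfaces, but neither accept nor send ICMP redirects.
  echo 1 > /proc/sys/net/ipv4/ip_forward
  local x
  for x in /proc/sys/net/ipv4/conf/*; do
    echo 0 > "$x/accept_redirects"
    echo 0 > "$x/send_redirects"
  done

  systemctl restart iptables
  # NOTE(review): this rule masquerades traffic leaving on every interface,
  # not only the tunnel. Consider narrowing it (for example with -o ppp0)
  # once the intended traffic flow is confirmed.
  iptables --table nat -A POSTROUTING -j MASQUERADE

  mkdir -p /var/run/xl2tpd
  touch /var/run/xl2tpd/l2tp-control

  # The fixed pauses give each daemon time to settle before the next step.
  systemctl start ipsec
  sleep 3
  systemctl start xl2tpd
  sleep 3
  ipsec auto --up CONN
  sleep 3
  echo "c vpn-conn" > /var/run/xl2tpd/l2tp-control
  sleep 3
  echo

  # First IPv4 address assigned to ppp0, without any /prefix suffix.
  V_IP=$(ip addr show dev ppp0 \
    | awk '$1 == "inet" { sub(/\/.*/, "", $2); print $2; exit }')
  echo "V_IP: $V_IP"
  if [[ -z "$V_IP" ]]; then
    # Without an address the tunnel did not come up; adding the route would
    # only fail with a confusing error.
    echo 'startVPN: ppp0 has no IPv4 address, tunnel is not up' >&2
    return 1
  fi
  ip route add "$REMOTE_SUBNET" via "$V_IP" dev ppp0
}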
#######################################
# Tear the tunnel down and remove the generated configuration.
#
# Takes the IPsec connection CONN down, stops xl2tpd and then ipsec with a
# 3-second pause after each step, and deletes the four files startVPN
# writes, so the PSK and the PPP password do not stay on disk.
#
# NOTE: /etc/ipsec.conf and /etc/ipsec.secrets are deleted as whole files;
# any unrelated connections defined in them are lost as well. `rm` unlinks
# the files, it does not overwrite their former contents.
#
# Outputs: progress messages on stdout
# Returns: status of the last `rm -f`
#######################################
function stopVPN() {
  printf '%s\n' 'ipsec auto --down CONN'
  ipsec auto --down CONN
  sleep 3

  # Stop the L2TP daemon before the IPsec layer it runs over.
  local svc
  for svc in xl2tpd ipsec; do
    printf '%s' "systemctl stop ${svc} "
    systemctl stop "$svc"
    sleep 3
  done

  local path
  for path in \
    /etc/ipsec.conf \
    /etc/ipsec.secrets \
    /etc/xl2tpd/xl2tpd.conf \
    /etc/ppp/options.l2tpd.conf; do
    rm -f "$path"
  done
}
# ---------------------------------------------------------------------------
# Connection settings. Replace every your_* placeholder before running.
# Once filled in, this script holds live credentials: keep it readable by
# root only and do not publish or commit the edited copy.
# ---------------------------------------------------------------------------

# Credentials: the PPP account and the IPsec pre-shared key.
# Single quotes keep characters such as $ or ! in a secret literal.
USERNAME='your_USERNAME'
PASSWORD='your_PASSWORD'
SHARED_SECRET='your_SHARED_SECRET'

# Local endpoint.
LOCAL_IP='your_LOCAL_IP'
LOCAL_SUBNET='your_LOCAL_SUBNET'
# LOCAL_MASK is not referenced by startVPN or stopVPN.
LOCAL_MASK='your_LOCAL_MASK'

# Remote gateway and the network reached through the tunnel.
REMOTE_IP='your_REMOTE_IP'
REMOTE_SUBNET='your_REMOTE_SUBNET'

# Always start from a clean state: tear down any previous tunnel first.
stopVPN
startVPN